RE: Requirements Document

I think we should have strong authentication in as many
use cases as practical. I suspect that we can't do it
in all cases, so I want the language written appropriately.
I would say that strong authentication with or without
explicit user identity is acceptable.

Brian

> -----Original Message-----
> From: Adam Shostack [mailto:adam@zeroknowledge.com]
> Sent: Thursday, August 30, 2001 4:11 PM
> To: Rosen, Brian
> Cc: 'John W Noerenberg II'; geopriv@mail.apps.ietf.org
> Subject: Re: Requirements Document
>
>
> On Thu, Aug 30, 2001 at 03:07:25PM -0400, Rosen, Brian wrote:
> > > >For example, I think we CAN require strong authentication
> > > >prior to transmission of location information in nearly every
> > > >case I'm aware of.
> > >
> > > In order to do that, you need a mechanisms to represent
> unambiguous
> > > identity of both parties in the exchange. The sad truth
> is no widely
> > > accepted Internet mechanism for this yet exists. This is
> still true,
> > > even when you try to restrict the domain geographically.
> That's why
> > > requiring strong authentication in the near term is
> optimistic, imho.
> > I do understand the limitations of authentication.
> > I think there are often difficulties of correlating the user's sense
> > of identity of a party with cryptographically strong authentication,
> > but I suspect that we still can have strong authentication in many,
> > but not all cases.
> >
> > I'm not aware of any techniques that ensure strong
> > privacy in tha absence of strong authentication.
>
> Do you mean the inverse, techniques that ensure strong privacy in the
> presence of strong authentication? Without strong authentication,
> privacy is easy.
>
> You can achieve strong authorization or credentialing, without needing
> to authenticate who I am, by using techniques such as Brands' Private
> Credentials, SPKI, or PolicyMaker. You might very well want strong
> authentication when handing out the credentials, but you don't need to
> share the information about who is being authorized to do something.
>
> This could be useful, for example, in saying that any police officer
> is authorized to force you to reveal your location, but that police
> officer is not required to reveal their name to you. You can give
> them a Private Credential that allows them to prove their police
> status, jurisdiction, etc, and only reveal the name if there is a
> reason to do so.
>
> Adam
>
>
> --
> "It is seldom that liberty of any kind is lost all at once."
> -Hume
>
>
Received on Thu Aug 30 16:18:57 2001